Cyber criminals are using an exploit kit to distribute the fastest spreading ransomware to-date. The ransomware being distributed is WannaCry 2.0 but is also referenced to as WannaCrypt0r, Wanna Decryptor, and WCry.
A Google Docs phishing scheme is taking the internet by storm this week. A client of ours received an email from one of their colleagues similar to the screenshot below.
A new ransomware called Mole has been found, and it appears to be a version of the CryptoMix family. Additionally, Mole has many similarities to the Revenge and CryptoShield variants which are also members of the CryptoMix strain.
Ransomware attacks have beome a grave threat to businesses across the world. Cybercriminals use data encrypting ransomware to hold a companies data hostage until a ransom of hundreds or several thousand dollars has been paid. Since a majority of ransomware attacks are delivered to your end users in email, it's important to educate your end users of the danger that ranomware poses and what they can do to help protect the company from ransomware. Here is a short letter you can email your employees to inform them of the dangers of ransomware.
Cybercriminals stooped to new lows this week after the death of Aaron Hernandez. It was reported yesterday that the former New England Patriots tight end and convicted murderer committed suicide in his jail cell. Aaron took his life the same day the 2017 Super Bowl champion New England Patriots were invited to meet with President Donald Trump in the White House. The fall from grace of Aaron Hernandez was widely recounted in the news media starting June 26, 2013, with his arrest and charge of murder for the death of Odin Lloyd. Things never got better for Aaron. Just one day before his alleged suicide Hernandez was charged with two previous murders and implicated in the shootings of three other individuals in two separate incidents dating back to when Aaron attended college.
In 2016, several hospitals and healthcare organizations were hit with ransomware attacks. In fact, between October 2016 and February 2017, 42.77% of cyberattacks targeted healthcare organizations. With ransomware attacks predicted to quadruple by 2020, cybersecurity spending is also predicted to exceed $65 billion for the healthcare industry.
March was a month where a lot of small ransomware variants appeared but never came to fruition. There was, however, an update on CryptoLocker making its return, Cerber added a couple of new features, and Android ransomware appears to be here to stay. We also have a list of decryptors that were released, enabling you to recover your files without paying the ransom.
We recently had an individual inquire about a form of ransomware named Matrix. Unfortunately, there is currently no way to decrypt files that are encrypted by the Matrix ransomware without paying the ransom. We have included that transcript of the conversation between our Security Analyst and the tech who has had a client infected by Matrix. Too many of our conversations go this way. Having CryptoStopper would have prevented this and having CryptoStopper in your cyber security arsenal will prevent this from happening to you.
A new ransomware variant named ‘Kirk’ after popular Star Trek character James. T. Kirk recently hit the cybersecurity scene. Like most forms of ransomware, Kirk Ransomware immediately starts encrypting a victim’s files once the malware has been installed. Besides the Star Trek theme, the most interesting characteristic of Kirk Ransomware is the currency demanded for the ransom payment, Monero.
A zero-day attack named Double Agent has been discovered that exploits a 15-year-old feature in Windows from XP through Windows 10. The attack has the ability to take over antivirus software on machines running Windows and turns them into a weaponized Trojan capable of attacking the very system it was designed to protect.